Vulnerabilities

Report: CVE-2026-23926 - Stored XSS vulnerability in Host navigator widget maintenance tooltip - Expert Insights

2026-05-06 0 views admin

CVE ID :CVE-2026-23926 Published : May 6, 2026, 6:58 a.m. | 1 hour, 32 minutes ago Description :An authenticated (non-super) administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens the tooltip. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-23926

Severity

HIGH

Published

May 6, 2026

🏷️ Tags

report23926storedvulnerabilitynavigatorwidgetmaintenancetooltipexpertinsights

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-23926 - Stored XSS vulnerability in Host navigator widget maintenance tooltip - Expert Insights

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Breaking: CVE-2026-35253 - Oracle Macaron Tool HTTP Host Address Validation Bypass

Report: CVE-2026-6672 - Affiliate Program Suite <= 1.2.7 - authenticated (contributor+) stored cross-site...

Report: Breaking: CVE-2026-6344 - Fluent Forms <= 6.2.1 - authenticated (administrator+) arbitrary file read via pa...

Report: Latest: CVE-2026-7448 - LatePoint <= 5.5.0 - unauthenticated stored cross-site scripting via 'first_name'...

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting